DistroWatch Weekly

A weekly opinion column and a summary of events from the distribution world

DistroWatch Weekly

DistroWatch Weekly, Issue 525, 16 September 2013

Welcome to this year's 37th issue of DistroWatch Weekly! Ubuntu has always presented itself as an operating system for end users, notably desktop and laptop computers, so it might have escaped the attention of many that the project also provides an excellent server variant. But what do you do if you are just starting up with Linux and would like to build a website running Ubuntu? Simple - get the third edition of The Official Ubuntu Server Book. Jesse Smith is happy with the publication, believing that it "takes some difficult subjects and boils them down nicely". Read his complete book review below. In the news section, FreeBSD launches the first alpha of version 10 with a surprising array of new features, OpenBSD prepares for the release of version 5.4, Linux Mint delivers a brand-new version of the excellent MintBox, and openSUSE unveils a new image for the Raspberry Pi mini computer. Also in this week's issue, a discussion about the alternatives to the Skype voice-over-IP service and instant messaging client and an intriguing interview with the leader of Manjaro Linux, a user-friendly fork or Arch Linux. Happy reading!

Listen to the Podcast edition of this week's DistroWatch Weekly in OGG (13MB) and MP3 (29MB) formats

Feature Story (by Jesse Smith)

Book review: The Official Ubuntu Server Book (3rd edition)

Typically when I pick up an educational book on Linux it is with the hope of finding a text which will help introduce newcomers to the Linux desktop. On a few occasions I've found good books that explore more technical concerns, such as trouble-shooting Linux distributions when things go wrong or exploring the power of the command line. Not often do I flip through books dedicated to working with servers. Maintaining servers just isn't exciting work, or at least when things are going well it isn't very exciting. Server administrators prefer dull days over exciting ones and so the books dedicated to server maintenance tend not to be thrilling. However, for almost every rule there is an exception and I picked up a copy of The Official Ubuntu Server Book (cover pictured on the right) last week, mostly because of the author.

Kyle Rankin's name appeared on a text I reviewed last year called DevOps Troubleshooting: Linux Server Best Practices. It is one of the best books I've read on dealing with computers that are malfunctioning and it was a surprisingly easy read considering the complex subject matter. With this in mind I had hoped Mr Rankin and his co-author, Mako Hill, would take the complicated process of properly managing a server running the Ubuntu operating system and present the material in a simple and easy to understand fashion. I am happy to report that is exactly what the authors did and the result is remarkable.

The first thing which stood out about The Official Ubuntu Server Book is that it doesn't assume we have much experience when we start reading the text. It would be helpful if we have used a Linux distribution before and readers will feel much more comfortable with the book if they have used a Linux command line at some point in the past. However, beyond this low level of experience, very little is assumed about the reader's abilities. We are not expected to have worked with servers in the past, nor are we expected to be masters of the command line or know where configuration files are located.

The book starts by giving us some background on GNU/Linux operating systems in general and then Ubuntu in particular. We are given a quick history of Ubuntu's Server edition. Then we are shown a step-by-step tutorial on installing Ubuntu Server and, again, our level of experience is assumed to be approximately that of someone who has managed to stumble through an installation of a Linux distribution sometime in the past. The text then spends a little time explaining the Linux command line, file permissions and some other operating system basics. From there we get into low level concepts such as the steps the operating system takes to boot and how to manage Ubuntu packages from the command line. In short, the first four chapters are there to give us some background information, get us up and running with a fresh installation and show us how to perform a few basic tasks from the command line. After that we get into the interesting server stuff.

Chapter Five is where a great deal of the action is and this chapter is probably what will make the book really worth while for most readers. This chapter explains how to install and configure several popular services. These include DNS, the Apache web server, secure shell (OpenSSH), database services, DHCP, file servers and a thin-client server. Setting up these services can be intimidating, especially for new administrators, but the book breaks down the steps, explains the configuration process and contains lots of examples. The text is clearly presented and makes the tasks seem much easier than most on-line tutorials (or even other textbooks) do.

After that the book explains basic security and talks about the various approaches to maintaining a secure server. What I particularly liked about the Security chapter is that the authors point out some of the pros and cons to various approaches. For instance, we are told how to automatically block unwanted remote login attempts and then we are told how this can blow up in our faces. At another point the text mentions a simple method for avoiding locking ourselves out of a remote server should we mis-configure the firewall. It is little tips like these that will save new administrators a great deal of time and heartache. After that the book gets into various backup methods, how to monitor servers and virtualization. There is also some overlap with the aforementioned DevOps book in that the text covers troubleshooting common problems and how to rescue or recover a server.

There are also some notes on issues to consider if the server appears to be compromised by outside attackers. Toward the end of the book the authors cover other resources (beside the book) where a troubled administrator can find help. At the end of the book we find several tips and shortcuts for server administration. These are typically short, one-line commands that an administrator might use over and over and, in doing so, save a great deal of time. These sorts of quick tips are things system administrators naturally start doing as they gain experience over the years and it is nice to see the authors passing along their hard-won wisdom to the readers.

Throughout the book we are given simple and clear explanations without expectation that we have past knowledge of server administration or even, in some cases, command line knowledge. In addition the book not only tells us how to set up services a certain way, but gives the reasoning behind the practices advocated. This gives administrators more than the blueprints for setting up a server, we are also given the building blocks for customizing the services and the ability to weigh certain choices. Some of these choices are more philosophical than technical, such as how to respond to an on-line attack or the level of access to give multiple administrators in a team environment.

If The Official Ubuntu Server Book has a fault, it is that (as the title implies) the book is entirely focused on recent releases of Ubuntu. Many of the steps and concepts presented are transferable to other Linux distributions, but some of the material is strictly related to Ubuntu and its family of community distributions. (The copy of the book I received comes with two discs, one for Ubuntu Server 12.04.2 and one for Ubuntu Server 13.04, both are 64-bit builds.) This does tie the reader pretty closely to Ubuntu (and perhaps Debian), but given how powerful and straight forward Ubuntu Server is to maintain, that may not be a bad thing.

All in all, I was very happy with the book. It takes some difficult subjects and boils them down nicely, giving the reader a way to quickly get services up and running. The miscellaneous tips provided are quite useful and will probably save readers a good deal of time over the course of a career. Server administration sometimes comes across as a dark art and it is nice to see a book which so thoroughly shines a light onto the subject. Whether you are studying to become a system administrator or just looking to set up a server at home to handle personal e-mail, I think this is a good text to get newcomers started.

The FreeBSD project has been around for ages, so it might surprise some people that its upcoming version will only reach number ten. Still, that's a big number that might look like a significant release in some commercial quarters, but it's just "business as usual" in the FreeBSD land. Nevertheless, it's a major new release, so can we expect anything breathtaking? The answer is YES. The widely publicised switch of compilers from GCC to Clang/LLVM is astounding enough, but there are more surprises, including the developed-from-scratch BSD Hypervisor (bhyve): "bhyve, the 'BSD hypervisor' is a legacy-free hypervisor and virtual machine manager that is actively being developed on FreeBSD and leverages modern CPU features such as Extended Page Tables (EPT). What hardware does it run on? bhyve currently supports Intel processors with Extended Page Tables. Processor EPT compatibility can be determined at ark.intel.com but most Core i3, i5, i7 and related Xeon processors are supported. Presence of the "POPCNT" (POP Count) processor feature in dmesg(8) will also indicate EPT support. AMD SVN support arrived on August 22nd, 2013 with FreeBSD svn r254677 and requires testing." Certainly an exciting item for the fans of FreeBSD, but this news merely confirms that FreeBSD is just playing catch-up with Linux. Or is this assessment incorrect? We'd really appreciate to hear from FreeBSD gurus here.

* * * * *

Still in the BSD land, the developers of OpenBSD have published the release page of the upcoming OpenBSD 5.4 page which includes the usual changelog, the song and other useful information: "This is a partial list of new features and systems included in OpenBSD 5.4. For a comprehensive list, see the changelog leading to 5.4. New/extended platforms - OpenBSD/octeon, new platform for systems based on the Cavium Octeon MIPS-compatible processors, supported machines include Portwell CAM-0100, Ubiquiti Networks EdgeRouter LITE (no local storage); improved hardware support, including inteldrm(4) has been overhauled; support for Kernel Mode Setting (KMS) including support for additional output types such as DisplayPort; Sandy Bridge and newer parts which previously had only ShadowFB acceleration now have full hardware acceleration including use of the 3D rings; wsdisplay(4) now attaches to inteldrm(4) and providers a framebuffer console...." OpenBSD 5.4 will be released on 1 November 2013 and if you want it, please head over to the project's online store for pre-orders or wait for the FTP servers to provide the installation CD images.

* * * * *

Despite being in the 21st century, buying computers with a choice of operating systems is still hard and sometimes even impossible, so it's our pleasure to report the availability of MintBox 2, a sexy mini-computer that comes with the latest version of Linux Mint. Clement Lefebvre reports on the distribution's blog: "The MintBox 2 is now available and can be ordered from CompuLab. The MintBox 2 will also soon become available from Amazon.com and Amazon.de for US and European customers. MintBox 2 is a mini-computer which connects to TVs or computer monitors via HDMI or DisplayPort. It comes with 8 USB ports as well as in/out audio jacks, eSATA, Ethernet, WiFi and Bluetooth so you can connect it easily to any network or device. The unit feels very special and very unique. It's small, about the size of a router, so it fits behind your keyboard, your TV and it's easy to bring with you anywhere you go. It's extremely sturdy and completely silent. There is no plastic, the case is entirely made of solid die-cast iron and acts as a heat sink, so there are no fans inside of it. It boasts 4 times the processing power of the previous generation and comes with a 5 years warranty."

* * * * *

Good news for those who enjoy openSUSE and who own the Raspberry Pi board - since last week a new version of the distribution is available for the popular mini computer: "We got a new armv6-based image for the Raspberry Pi. This one is only 82 MB compressed, so pretty minimalistic. The exciting new thing is that this was created using an alternative image building automatism which I wrote from scratch in three hours this morning. This means that everyone can now easily build his own images the way he likes and even branch and submit requests for changes that are useful for others. The way to use this is simple. This pseudo-package does not easily build within OBS or osc alone because it needs root permissions for some of the steps (chroot, mknod, mount) which could only be 'workarounded' with User-Mode-Linux or patching osc. The build consists of three steps that can be seen in main.sh." If it all seems highly technical, it's because it is, but it's also nice to see that openSUSE is making an effort to offer another alternative for the little computer.

* * * * *

Finally, a link to an interview with Philip Müller, one of the leaders of Manjaro Linux: "Like a lot of people, I've been watching Manjaro rise in popularity (at least according to DistroWatch and Internet chatter). Manjaro, a fork of Arch Linux, is often divisive, one of those distros that people either love or hate, with not much in-between. Building upon Arch is a bold move, given that it's a philosophy as much as it's a distribution. Arch is deliberately complex in order to give users as much control as possible over their system. Manjaro's goal of simplifying Arch can be seen as compromising that philosophy. But given Manjaro's popularity, it's filling a need for users who want a simpler Arch implementation - even at the cost of control over their system. I played with Manjaro for a few weeks and ultimately, it wasn't for me. But after exploring the distro and researching it, I was curious about the project, so I reached out to the project leaders, who shared my questions with some other Manjaro team members."

Questions and Answers (by Jesse Smith)

Skype alternatives

Your-call-is-being-connected asks: I have been using Skype on Linux, but I don't like that it is a proprietary application. Are there any good open-source clients that do the same thing on Linux?

Distrowatch answers: There are a handful of software phones, with similar functionality to Skype, available on GNU/Linux platforms. Let's look at a few. There is Ekiga, formally known as GnomeMeeting. This application can make software-to-software calls, software-to-phone calls and supports video chat. Ekiga has a fairly simple interface and a good start-up wizard which helps new users set up an account. If you are fairly new to video chat clients and want friendly, graphical wizards that walk you through the steps of setting up everything, this is a good place to start.

Next on the list is Empathy. Empathy is a messaging client which supports text, voice and video communication over multiple protocols. It also handles file transfers on protocols which support the feature. Empathy is more of an instant messaging client which happens to support video chat than a Skype replacement and not geared toward making phone calls, but it is a flexible application and available in most distributions.

Linphone is strictly a VoIP client which can be used to either make direct calls to another VoIP client on the local network or Linphone can connect to users who use a third-party VoIP service. The Linphone software also has the ability to make calls to traditional telephones if the user's VoIP operator supports the feature. While Linphone may be one of the applications closest to mimicking Skype's behaviour, it is also probably the one application on this list that requires the most effort on the part of the user to get up and running. Users of Linphone will need to manually create an account with a VoIP provider in order to make calls to other VoIP users around the world.

Something to keep in mind is that while open source video and voice applications often play well together, proprietary applications usually do not work well with their open source counterparts. This means if you are connecting with someone else who uses open source software, you can probably use whichever conferencing software you want so long as it supports the right protocol. On the other hand, if your contacts are firmly set on using Skype, you may be stuck with running a proprietary client.

Philip Müller has announced the release of an updated build of Manjaro Linux, version 0.8.7.1, an Arch-based distribution with a choice of Xfce or Openbox and now also complete with a useful 63-page beginner's guide: "On behalf of the Manjaro development team I'm happy to announce our updated stable release of Manjaro Linux 'Ascella'. The last two weeks we tweaked and enhanced our current stable release to make it even better. The live installer got simplified to make it even smoother to install Manjaro. Now we support optional Plymouth to be installed. Linux kernel 3.10 series is now used which gives you more hardware support than our last stable release. This release includes both update packs we released the past two weeks. Grammar issues and little changes make the welcome screen an even better introduction to Manjaro Linux." Here is the full release announcement. Download (MD5): manjaro-xfce-0.8.7.1-i686.iso (1,112MB), manjaro-openbox-0.8.7.1-i686.iso (686MB).

Jeff Hoogland has announced the release of Bodhi Linux 2.4.0, a minimalist and "enlightened" desktop Linux distribution based on Ubuntu 12.04: "It has been close to six months since our last Bodhi Linux release - far too long! This is just our normal update release - meaning if you are already a Bodhi user and have been running your system updates then you already have all these additions running on your system. To cut right to the chase - you can find direct downloads of the ISO images on Source Forge here. You can obtain torrent downloads for the ISO images later today. Our 2.4.0 release features three ISO images to install from: 32-bit featuring a current PAE enabled kernel, 32-bit featuring a non-PAE kernel with older hardware support and 64- bit featuring a current kernel. This release features the Enlightenment 0.17.4 desktop, version 0.5.5 of the Midori web browser and the 3.8 Linux kernel. As always - our default theme selection is shaken up." See the release announcement for more information and news about the upcoming Bodhi Linux 3.0 release.

Roberto Dohnert has announced the release of OS4 OpenLinux 14, an Ubuntu-based desktop Linux distribution focused on ease of use: "Today we are announcing the new release of OS/4 OpenLinux 14. With this release we bring many new enhancements to the OS/4 line. OS/4 OpenLinux 14 is the result of a year's worth of beta testing and kernel enhancements, and has easily outnumbered the team's current record of 57 beta builds with 135 beta builds that we delivered to our beta testers. The results have been astounding. One of the things we try to improve on with our releases is the user experience. We want to deliver a system that is beautiful, intuitive and that is easy to use for our users so with that we made some improvements to the icon set, we went with the Radiance and Ambience themes for Xfce and we also introduced a bunch of new backgrounds so users can beautify their desktops any way they see fit." Continue to the release announcement to learn more about the release.

Stephan Raue has announced the release of OpenELEC 3.2.0, a new stable version of the specialist distribution for media centres: "OpenELEC 3.2.0 is the first stable release following OpenELEC 3.0 and is recommended for all new installations. Systems running OpenELEC 3.0 and 3.1 will automatically update to 3.2 if auto-update is enabled. Users who are still running OpenELEC 1.0 or 2.0 are encouraged to manually update to enjoy the many new features. Like OpenELEC 3.0, the 3.2 release is based upon XBMC Frodo (12.x) but 'under the hood' it includes many notable changes: many improvements, feature enhancements and bug fixes to XBMC Frodo including a number of backports from Gotham and speed improvements for RaspberryPi users; Linux kernel 3.10, bringing many new and updated drivers and improvements; Mesa 9.2; ALSA 1.0.27...." Read the rest of the release announcement for more information and screenshots.

Bruce Dubbs has announced the release of Beyond Linux From Scratch (BLFS) 7.4, a book that extends the Linux From Scratch (LFS) project with extra software. It provides step-by-step instructions for compiling open-source software and building a usable Linux system which includes X Window System, desktop environments (KDE 4.11, GNOME 3.8 and Xfce 4.10) and window managers, office applications, multimedia programs and server components. From the brief release announcement (as published on the lfs-announce mailing list): "After five years, the BLFS team is happy to present version 7.4 of Beyond Linux From Scratch. This version includes approximately 750 packages beyond the base Linux From Scratch version 7.4 book. Keeping up to date with released packages that are useful to users is a challenge. On average, three new packages are released every day, seven days a week. As of this writing, BLFS is current. The vast majority of packages in the book have been verified to work in an LFS 7.4 environment, however a few (26) packages have only been built and not tested primarily due to hardware constraints."

Chris Buechler has announced the release of pfSense 2.1, a free, open-source and customised distribution of FreeBSD tailored for use as a firewall and router: "I'm proud to announce the release of pfSense 2.1, and our new Gold subscription. The 2.1 book and our AutoConfigBackup service, available for years to support subscribers, are immediately available today to Gold subscribers. This release brings many new features, with the biggest change being IPv6 support in almost every portion of the system. There are also a number of bug fixes and touch-ups in general. Three FreeBSD security advisories are applicable to prior pfSense releases. These aren't remotely exploitable in and of themselves, but anyone who can execute arbitrary code on your firewall could use one or more of these to escalate privileges." See the detailed release announcement for a complete list of changes, new features, bug fixes and package updates.

RaspyFi. RaspyFi is a Debian-based distribution made specifically for the Raspberry Pi. It aims to fully integrate Music Player Daemon, an open-source music player server, into the current Debian releases and to optimise it for Audiophile-quality music playback. RaspyFi also makes it simple to play music library directly from a USB storage device or from any network-attached storage and it also enables users to listen to web-based radio stations from Spotify, Last.fm and SoundCloud.

Chitwanix OS. Chitwanix OS is an Ubuntu-based distribution developed in Nepal and providing support for the Nepali language.

Huayra Linux. Huayra Linux is a Debian-based Linux distribution of the government of Argentina designed for educational purposes.

Ramone Linux. Ramone Linux is a do-it-yourself GNU/Linux distribution based on Linux From Scratch. It uses the RPM package manager and the default desktop environment is GNOME. KDE, Xfce and LXDE are also supported.

"Immunix" was a family of tools designed to enhance system integrity by hardening system components and platforms against security attacks. Immunix secures a Linux OS and applications. Immunix works by hardening existing software components and platforms so that attempts to exploit security vulnerabilities will fail safe, i.e. the compromised process halts instead of giving control to the attacker, and then was restarted. The software components are effectively "laminated" with Immunix technologies to harden them against attack.